Holdfast vs Everplans: honest comparison

01The short verdict

All Everplans facts on this page were taken from their own published pages (everplans.com, the Security page, the help centre, the Privacy Policy, and announcements about the Precoa acquisition) on the date this comparison was written. If anything has moved since, we would rather know than not. Drop us a line.

Choose Everplans if you want the most established product in this category, you are based in the US and want HIPAA compliance for medical information, you value the deeply elaborated checklist-based organisation approach (life inventory, after-death wishes, funeral preferences, letters to family), or you are accessing Everplans through an advisor partnership (Symmetry Financial Group, MOAA, VSP, Blue365) where the cost is materially subsidised.

Choose Holdfast if you want client-side encryption where the operator cannot read your vault contents even if compelled, you want recipients to receive the actual encrypted contents without creating a platform account, you want an operator compliant with UK GDPR which the EU recognises as providing an equivalent level of protection under its adequacy decision, or you want a B2B tier built specifically for professional firms in legal and financial services.

The honest one-line summary: Everplans is the mature US incumbent with deep checklists and a well-developed advisor channel. Holdfast is the UK challenger with stricter encryption, simpler recipient delivery, and a different B2B model. Both products work. The right answer for you depends mostly on where you live, what you're storing, and what you want the operator to be able to see.

02How each one is built

The architectures look superficially similar — both products store information in encrypted vaults and deliver access to trusted contacts after a trigger event. The differences underneath matter, especially for users who pay close attention to encryption details.

Everplans' model

Everplans is a structured digital vault organised around checklists. The product is divided into six major sections — My Life, Legal, Health and Medical, Elder Care, Financial, and After I'm Gone — each with detailed sub-categories and prompts that walk users through what to include. The dashboard nudges you through completing each section, which is a genuine strength for people who would otherwise stare at a blank page and never start.

Stored content includes uploaded documents (wills, advance directives, insurance policies), structured information (account numbers, beneficiary designations, vehicle maintenance records, utility account details), and personal content (letters to family, funeral preferences, family recipes, legacy messages).

Encryption architecture. Everplans stores all personally identifiable fields with AES-256 encryption at rest, with uniquely derived keys per user following NIST SP 800-132. Communications use TLS with 2048-bit certificates and perfect forward secrecy. They have completed a SOC 2 Type II examination and are HIPAA-compliant. Their published security policy states that administrators have no access to user plan data or uploaded documents — only limited metadata such as whether a particular type of document has been uploaded.

Importantly, the encryption key is managed within Everplans' infrastructure rather than derived from a user-held passphrase. This is a meaningful technical distinction we will return to. The result is closer to "encrypted at rest with strong access controls" than to "cryptographically zero-knowledge with operator-impossible decryption."

Trigger model. Each user designates Deputies and invites them to create their own free Everplans Deputy accounts. The user controls which sections each Deputy can see, and crucially, whether access is granted immediately or only "after death." For after-death sections, the deputy must use the in-platform "Report as Deceased" function. This triggers Everplans to contact the user by email with a user-configurable wait period of up to 30 days. If the user does not respond within that window, the after-death sections unlock and notified deputies can log in to view them.

Everplans is built by Everplans, headquartered in New York City. Founded in 2012 by Abby Schneiderman and Adam Seifer. Acquired by Precoa in October 2024. Precoa is a Portland, Oregon, company that provides preneed funeral home leads. The acquisition expanded Everplans' resources but raises a question worth being honest about: a digital legacy product owned by a preneed-funeral lead-generation company has a different commercial logic than one owned independently.

Holdfast's model

Holdfast is an encrypted vault using a fundamentally different cryptographic approach to Everplans. What goes into the vault is up to you: credentials and recovery phrases that recipients can act on directly, signposting information that tells beneficiaries where to find assets they will need to claim institutionally, documents that need to reach specific people, and private video messages recorded for individual recipients. The Family tier and above support video messages up to 50MB per message, stored alongside the rest of the vault contents.

All vault contents are encrypted client-side with AES-256-GCM. The key is derived from a passphrase you choose, using PBKDF2 with 250,000 iterations of SHA-256 against a per-user salt. The passphrase never leaves your browser, never reaches our servers, and cannot be recovered by us. Even with full access to our database, we cannot decrypt your vault.

The encrypted vault blob lives in Supabase Postgres (hosted in Frankfurt). Video messages are stored on Supabase Storage with the same encryption boundary. The encryption module sits at github.com/Nexus-sectech/holdfast-crypto and is loaded into the vault page with Subresource Integrity, so the browser refuses to execute it if the file has been altered.

When check-ins stop, Holdfast delivers the encrypted vault and instructions to each recipient by email after a documented escalation. Recipients open an email and use the passphrase that you shared with them in life — written on a card, in a sealed envelope, kept with a solicitor — to decrypt the vault contents directly. They see the credentials, the signposting, the documents, and any video messages addressed to them. No platform account, no app, no in-platform "Report as Deceased" workflow.

Holdfast is operated by Nexus-Sec Ltd (71-75 Shelton Street, Covent Garden, London), a UK limited company at Companies House (number 17126982), registered with the Information Commissioner's Office, compliant with UK GDPR, which the EU recognises as providing an equivalent level of protection under its adequacy decision.

The encryption distinction matters

Both products use AES-256, and both have strong access controls. The difference is in who holds the key:

• Everplans: Each user has a uniquely derived key, but the key is managed within Everplans' infrastructure. The operator's published commitment is that administrators do not access user data; the technical guarantee is that they could, if compelled by law or compromised by attack, because the keys are accessible to authorised systems. SOC 2 Type II and HIPAA compliance are real third-party validations of their access-control practices.
• Holdfast: The decryption key is derived from a passphrase that never reaches our servers. Even with court orders, even with our entire database leaked, the contents of your vault remain encrypted to anyone who does not hold the passphrase. The cryptographic guarantee is structural, not procedural.

Neither approach is "better" in the abstract. Everplans' model is appropriate for users who value strong operational access controls with third-party audit (SOC 2 Type II, HIPAA) and don't require the operator to be technically incapable of decryption. Holdfast's model is appropriate for users who want the cryptographic guarantee that nobody but the holders of the passphrase can ever decrypt the contents, regardless of the operator's intentions, court orders, or future ownership changes.

Both products can hold the same range of content: credentials, signposting information about where assets are held, scanned documents, final letters, and video messages. The technical difference is who needs to be trusted to keep that content confidential. With Everplans, you are trusting the operator's access controls and audit certifications. With Holdfast, you are trusting cryptography that does not depend on the operator's intentions at all.

If your threat model includes "what if the operator is subpoenaed" or "what if the operator is breached at the database level," the architectures answer that question differently.

03The trigger and delivery flow

Both products use a "report missed signal, wait, then deliver" model, but the mechanics and the recipient experience differ in ways that matter for the day delivery actually fires.

Everplans' flow

Each Deputy must create their own free Everplans Deputy account via email invitation. They have whatever access (and only that access) you have explicitly granted, immediate or after-death.

For after-death access, a Deputy logs into the platform and uses the "Report as Deceased" function. Everplans then emails the user with a configurable wait period of up to 30 days. If the user does not respond, the after-death sections unlock and notified Deputies can log in to view the relevant content within the Everplans platform.

For Household Everplans (two members), after-death sections only unlock when both Household members have been reported deceased and confirmed.

Holdfast's flow

When a check-in is missed:

• Grace period: 7 days, no escalation.
• Escalation: 7 days, during which up to 3 reminder emails are sent through distinct delivery infrastructure so that a single deliverability failure does not silence the whole sequence.
• Delivery: if escalation passes without check-in, the encrypted vault and delivery instructions go to each nominated recipient. Each recipient receives their email independently.
• Retention: 30 days after delivery, the vault is fully purged. A warning email goes out on day 23. On day 30 the encrypted blob, salt, hash and hint are nulled, storage files are deleted, the Stripe subscription is cancelled, and the user row is anonymised.

Each recipient opens their email, follows the instructions, and decrypts the vault with the passphrase shared with them offline. No platform account required, no app to install, no "Report as Deceased" workflow to navigate.

The asymmetry

Everplans is a system where the operator confirms the trigger (by failing to reach the deceased user during the wait period) and delivers access to recipients who log into the platform. Holdfast is a system where the operator confirms the trigger (by failing to reach the user during the escalation period) and delivers encrypted content directly to recipients who decrypt offline.

Both models have legitimate defences. Everplans' "Report as Deceased" plus user-configurable 30-day wait is a reasonable safeguard against false positives. Holdfast's 14-day grace-plus-escalation window with three-channel reminders serves the same purpose with a different mechanism.

The receiver-side difference is the most operationally significant: a Holdfast recipient never touches our platform, never creates an account, and never has to remember a service they signed up for years ago. An Everplans Deputy must maintain their Deputy account and remember Everplans exists when the time comes.

04Jurisdiction and compliance

This is where the two products diverge most clearly on a dimension that matters for many users.

Everplans is a US company headquartered in New York City, now owned by Precoa (Portland, Oregon). They are HIPAA-compliant (which is meaningful for the medical information stored in the Health and Medical section) and have completed SOC 2 Type II examination. They do not publish UK or EU GDPR controller designations. Their privacy policy references US federal and state laws, including HIPAA, but does not designate a UK or EU representative or reference Standard Contractual Clauses for international data transfer.

This is consistent with operating primarily as a US service under US data protection law. That is not a criticism — Everplans is honest about who they serve — but it does mean that users outside the US are accessing a US-domiciled service whose primary regulatory framework is American.

Holdfast is operated by Nexus-Sec Ltd, a UK limited company registered with the Information Commissioner's Office. Holdfast is compliant with UK GDPR, which the EU recognises as providing an equivalent level of protection under its adequacy decision. Users worldwide are welcome; data is processed to UK/EU standards regardless of where the user is based. For users in jurisdictions with their own data protection regimes (CCPA in California, LGPD in Brazil, the Australian Privacy Principles, PIPEDA in Canada, and others), our baseline exceeds most jurisdictions' default protections, but we do not currently implement jurisdiction-specific flows like a CCPA "Do Not Sell" toggle as a first-class feature. We do not sell data in any case, and we say so plainly in our privacy policy.

The practical implications:

• For US users. Everplans operates under the regulatory regime you live in, with HIPAA compliance for medical content. Holdfast operates under UK GDPR uniformly, which exceeds most US baselines but does not implement CCPA-specific first-class flows.
• For UK and EU users. Holdfast is the home-jurisdiction option with adequacy-recognised compliance. Everplans is a US service that may not have designated EU representatives or referenced cross-border transfer mechanisms in their published privacy policy.
• For users elsewhere. Both products will serve you, but the regulatory frameworks behind them are different. Choose based on which framework you would rather have on your side in a dispute.
• The acquisition factor. Everplans is now owned by Precoa, a company in an adjacent but distinct industry (preneed funeral lead generation). Holdfast is independently owned by Nexus-Sec Ltd. Long-term commercial trajectory is a real consideration for a product you may use for decades.

If your concern is "I want an operator under UK GDPR with named accountability," Holdfast is the cleaner answer. If your concern is "I want HIPAA-compliant medical storage in a US-domiciled service," Everplans is the cleaner answer.

05Pricing

Direct-to-consumer pricing is comparable. The real differentiator is the partner-subsidy channel for Everplans, which can dramatically reduce the per-user cost for some buyers.

Everplans (taken from their pricing page and help centre on the date of writing):

• Freemium: Free, limited to 3 items in your Everplan.
• Premium: $99.99/year. Full access to all sections, document upload, deputy designation, automated reminders, personalised guidance.
• Partner subsidies: Significant discounts available through partnerships (VSP $27/year, MOAA up to 30% off, Blue365 56% off, employer benefits).
• Everplans Professional: B2B tier for financial advisors and other professionals, with co-branding, Redtail and Orion CRM integrations, and household-level client management. Pricing is by quote.

Holdfast (taken from our pricing page on the date of writing):

• Free: £0 forever. 5 entries, 1 recipient, monthly check-in.
• Personal: £5 per month or £45 per year. Unlimited entries, 3 recipients, choice of weekly, fortnightly, or monthly check-in.
• Family: £9 per month or £79 per year. Two independent vaults on one plan, 5 recipients per vault, video messages up to 50MB each.
• Firm: £39 per month or £399 per year. B2B tier for professional firms in legal and financial services with white-label delivery, soft cap of 20 clients included, tiered overage above that, dedicated dashboard, client invitation flow.

Direct-to-consumer pricing is roughly comparable. Everplans Premium at $99.99/year is about £79, almost identical to the Holdfast Family tier at £79/year (the Holdfast Personal tier at £45 is cheaper, but covers 3 recipients rather than Everplans' unlimited deputies).

The genuine pricing difference is at the access points. Everplans has cultivated a wide partner-subsidy network (insurance, employers, professional associations, financial advisors) that can bring per-user cost to $27 or less. Holdfast does not currently have an equivalent partner-subsidy network and may not develop one in the same form. If you have access to a partner discount, Everplans is materially cheaper. If you are paying full retail on both, the difference is small.

On the B2B side, both products offer professional tiers. Everplans Professional integrates with US financial advisor CRMs (Redtail, Orion). The Holdfast Firm tier is built around the needs of UK solicitors, IFAs, and their international counterparts in legal and financial services, with a different feature set (white-label delivery, CSV bulk client invite, soft-cap-plus-overage pricing). These are different professional channels serving different markets, not directly competing offerings.

06Where Everplans is genuinely better

Three things are worth saying clearly and not burying.

The most mature checklist-driven onboarding in this category. Everplans has been refining the checklist UX since 2012, and it shows. The product walks users through inventorying their life in a way that surfaces things most people would otherwise forget — utility account access, vehicle maintenance instructions, pet care routines, funeral preferences, letters to family members. For users whose problem is "I don't know where to start," this is a genuine strength. Holdfast's onboarding is leaner and assumes you already know what you want to store.

The established advisor partnership network. Everplans Professional has been integrating with US financial advisor CRMs and serving the US estate-planning advisor channel for years. If you are accessing Everplans through your financial advisor (Symmetry Financial Group, an RIA on Orion or Redtail, a CPA, or an estate-planning lawyer), the integration is smooth, the workflow is established, and the cost may be subsidised by the firm. Holdfast's Firm tier serves a similar role for UK solicitors and IFAs and their international counterparts, but in a younger, smaller channel.

HIPAA compliance and US-jurisdiction medical information. If you are storing detailed medical history, healthcare proxy documentation, prescription details, or other health information in your digital legacy, Everplans' HIPAA compliance is a meaningful US regulatory framework. Holdfast can hold this content too, but operates under UK GDPR rather than HIPAA. For US users with significant medical content, this is a real difference.

07Where Holdfast is built differently

Three things we have done deliberately that Everplans has not.

Cryptographic zero-knowledge through a user-held passphrase. Holdfast's encryption is derived from a passphrase that never reaches our servers. We cannot decrypt your vault even if compelled, even if breached. Everplans' encryption is operator-managed, with strong access controls but with the technical capability of access in extremis. For users who want the strongest cryptographic guarantee that the operator cannot read their data under any circumstance, this is a meaningful difference.

Recipients receive contents directly, with no platform account. Holdfast recipients open an email and decrypt with a passphrase you shared in life. What they see is whatever you put in the vault: credentials and recovery phrases they can act on directly, signposting information about where assets are held that they can take to institutions, scanned documents, and private video messages addressed to them on the Family tier and above. No Deputy account, no platform login, no waiting for the "Report as Deceased" workflow. The recipient experience is the same on the day delivery fires as it would be on any other day they received an email. For situations involving recipients who are non-technical, geographically scattered, or unfamiliar with online services, this matters more than any other feature.

A Firm tier built around UK and international professional firms in legal and financial services. The Holdfast Firm tier is built for professional firms offering digital legacy planning to clients as part of their service — UK solicitors and IFAs, and their international counterparts in legal and financial services. White-label delivery, CSV bulk client invite, a per-firm dashboard, and a soft-cap-plus-overage pricing model are aimed at making this a viable channel for professional firms rather than a side offering. Everplans Professional serves a similar audience in the US through CRM integrations with Redtail and Orion. The two B2B offerings overlap in intent but serve materially different professional ecosystems.

08Honest summary

Choose Everplans if you are in the US, you value HIPAA-compliant medical storage, you want the most refined checklist-driven UX in the category, you are accessing the product through a partner discount that materially reduces cost, or you want established financial advisor CRM integrations that have been in production for years. The product is mature, the security claims are independently audited via SOC 2 Type II, and the user base is substantial. The 2024 Precoa acquisition is worth being honest about as a long-term consideration, but it does not invalidate the product.

Choose Holdfast if you want client-side encryption with a user-held passphrase the operator cannot access, you want recipients to receive the actual encrypted contents directly without creating a platform account, you want an operator compliant with UK GDPR which the EU recognises as providing an equivalent level of protection under its adequacy decision, or you want a B2B tier built specifically for professional firms in legal and financial services across the UK and international markets. The Family tier at £79 a year matches Everplans Premium on price while delivering two independent partner vaults, and the Firm tier opens a different professional channel than Everplans Professional.

If you are still on the fence, the most useful thing you can do is ask yourself two questions: First, do I want the operator to be technically capable of reading my data under any circumstance, even with strong access controls and audit certifications? Second, what country's regulatory framework do I want behind the operator I am trusting with my digital legacy? The product that answers your version of those questions is the product to choose. For some users, the honest answer is to use Everplans for its mature checklist-driven onboarding and US advisor-channel integrations, and Holdfast for content where cryptographic operator-impossible decryption matters more than feature breadth.

Last verified against published Everplans pages on the date this comparison was written. If Everplans has changed materially since and any fact above is out of date, please let us know at [email protected] and we will correct it.